[Swan-dev] [Swan-commit] Changes to ref refs/heads/master

Paul Wouters paul at nohats.ca
Tue Jun 18 14:13:19 UTC 2019


On Tue, 18 Jun 2019, Andrew Cagney wrote:

> Would it be better to call this from complete_v2_state_transition() -
> it knows the state that is failing, it just needs to know what the
> audit log is.

Yes it would be if we could do it there. Unfortunately, it is not clear
whether a child or parent SA failed when we return stf_status != STF_OK.
And since some of these state transitions involve two states changing.
Eg child SA failing but parent SA succeeding returns STF_OK in
complete_v2_state_transition()

> I don't think littering the code with audit calls will work long term.

I totally agree. Initially I also logged the reason for the error, so it
couldn't go there for that reason either. I'll look again to see if I
can put it in complete_v2_state_transition() with more minimal
exceptions.

Paul


More information about the Swan-dev mailing list